Ed Snowden And Bunnie Huang Design Phone Case To Warn You If Your Phone Is Compromised
from the busy-day dept
Bunnie Huang is having quite a day — and it’s a day the US government perhaps isn’t too happy about. Huang has worked on a number of interesting projects over the years from hacking the Xbox over a dozen years ago to highlighting innovation happening without patents in China. This morning we wrote about him suing the US government over Section 1201 of the DMCA. And now he’s teamed up with Ed Snowden (you’ve heard of him) to design a device to warn you if your phone’s radios are broadcasting without your consent. Basically, they’re noting that your standard software based controls (i.e., turning on “airplane mode”) can be circumvented by, say, spies or hackers. But their tool is designed to actually determine if the radios are broadcasting for real:
The aim of that add-on, Huang and Snowden say, is to offer a constant check on whether your phone?s radios are transmitting. They say it?s an infinitely more trustworthy method of knowing your phone?s radios are off than ?airplane mode,? which people have shown can be hacked and spoofed. Snowden and Huang are hoping to offer strong privacy guarantees to smartphone owners who need to shield their phones from government-funded adversaries with advanced hacking and surveillance capabilities?particularly reporters trying to carry their devices into hostile foreign countries without constantly revealing their locations.
They’ve published a paper describing the product and it’s a good read.
Front-line journalists risk their lives to report from conflict regions. Casting a spotlight on atrocities, their updates can alter the tides of war and outcomes of elections. As a result, front-line journalists are high-value targets, and their enemies will spare no expense to silence them. In the past decade, hundreds of journalists have been captured, tortured and killed. These journalists have been reporting in conflict zones, such as Iraq and Syria, or in regions of political instability, such as the Philippines, Mexico, and Somalia.
Unfortunately, journalists can be betrayed by their own tools. Their smartphones, an essential tool for communicating with sources and the outside world?as well as for taking photos and authoring articles?are also the perfect tracking device. Legal barriers barring the access to unwitting phone transmissions are failing because of the precedent set by the US?s ?third-party doctrine,? which holds that metadata on such signals enjoys no legal protection. As a result, governments and powerful political institutions are gaining access to comprehensive records of phone emissions unwittingly broadcast by device owners. This leaves journalists, activists, and rights workers in a position of vulnerability. Reporter Marie Colvin?s 2012 death is a tragic reminder of how real this vulnerability can be. A lawsuit against the Syrian government filed in 2016 alleges she was deliberately targeted and killed by Syrian government artillery fire. The lawsuit describes how her location was discovered in part through the use of intercept devices that monitored satellite-dish and cellphone communications.
Of course, at this point, all that exists is the paper explaining how this will work. They haven’t yet built the actual system. But given Huang’s history of hardware hacking and his relationships in Shenzhen, it seems likely that he could get it made pretty quickly if there was demand.
Huang, who lives in Singapore but travels monthly to meet with hardware manufacturers in Shenzhen, says that the skills to create and install their hardware add-on are commonplace in mainland China?s thriving iPhone repair and modification markets. ?This is definitely something where, if you?re the New York Times and you want to have a pool of four or five of these iPhones and you have a few hundred extra dollars to spent on them, we could do that.? says Huang. ?The average [DIY enthusiast] in America would think this is pretty fucking crazy. The average guy who does iPhone modifications in China would see this and think it?s not a problem.?
Again, who knows if people will actually end up using this, but it’s still good to see solutions like this being explored and tested.
Filed Under: bunnie huang, ed snowden, radios, surveillance
Comments on “Ed Snowden And Bunnie Huang Design Phone Case To Warn You If Your Phone Is Compromised”
I must not be average
“The average [DIY enthusiast] in America would think this is pretty fucking crazy.”
I must not be average, because this doesn’t sound crazy at all. I know a few people who do this sort of thing, and while I haven’t modded my phone (yet!), I certainly could.
Re: I must not be average
What? Don’t you know that when you do something for yourself you’re “stealing” someone else’s “expected profits”? Bad person!
Bunnie Huang is the next Kim DotCom
as far as the US government (DOJ) is concerned. How quickly will he be raied and extradition proceedings started against him, eh.
Does anyone remember the phone charms that would flash if your phone was ringing?
I’d like a phone charm that flashed on detection of radio output.
Amusingly, Robocop 2014 features a moment where a bad-guy is located by an unprotected phone in use (via 3rd party doctrine or dubious search) but we’re supposed to cheer it on because Alex Murphy is good and the phone is owned by the henchman of an arms dealer.
Re: Does anyone remember the phone charms that would flash if your phone was ringing?
A hobby project I’m working on right now will react to cell phone, wifi, and bluetooth radio signals that are nearby (to allow an illuminated art piece to change its output according to events such as a cell phone ringing, etc.)
It might be possible to scale this down to something that could fit in a key fob.
Hmmm…
Re: Re: Does anyone remember the phone charms that would flash if your phone was ringing?
The “wifi-allergic” would buy a device like this in a heartbeat (nevermind that it likely emits signals in the process of receiving them – they don’t care about the details).
Re: Re: Re: Does anyone remember the phone charms that would flash if your phone was ringing?
About ten years ago, I did own a largish key fob device that would display the strength of Wifi signals it was near. I think I picked it up for about $10 at some bodega somewhere. But it would only react to Wifi, not cell or bluetooth.
Re: Re: Does anyone remember the phone charms that would flash if your phone was ringing?
“to allow an illuminated art piece to change its output according to events such as a cell phone ringing, etc.”
Better get running to the local patent office first. Sadly.
Re: Re: Re: Does anyone remember the phone charms that would flash if your phone was ringing?
Why for?
I have no interest in getting a patent of something I think shouldn’t be patentable (like this), and even if an aspect of this is already patented, the nature of this particular project is such that I wouldn’t be in violation of it anyway.
With a $40 Raspberry Pi and a $10 TV dongle from Amazon you can build your own SDR-based spectrum analyzer for under 100 bucks.
I haven’t played with my setup much but it can definitely see my phone talking to the tower. Mostly I just use it for the “most complicated way possible to listen to FM radio.”
Great, but...
…this isn’t how it’s done. Data can be (and is) exfiltrated while the phone is transmitting normally, just by embedding it in other data. There’s zero need for an adversary to activate the transmitter at other times. And as the volume of “normal” data steadily increases, the ability of adversaries to conceal clandestine data in it with low probability of detection also increases.
Re: Great, but...
“Data can be (and is) exfiltrated while the phone is transmitting normally,”
When someone turns their phone off most assume they can’t be heard or tracked. It sure would be handy to know your phone was still transmitting. What happens when this ends up getting used by stalkers?
Re: Great, but...
The problem being solved is not exfiltration of data, but rather the phone being turned into a tracking device, even when its radios are supposedly switched off, as tracking a is only possible if it is transmitting. Note, the phone does not transit its location, but rather it is located through the receiver that can see it to allow its position to be triangulated..
Options
Wouldn’t a Faraday bag be just as effective. Unless your making a call of course. To view documents, you might want to be in a Faraday room, or tent maybe.
Re: Options
Stopping it from happening might be a bit safer than potentially finding out it is happening. The informative nature of Huang’s hack is still useful, but yeah, journalists in fear of their lives may want to simply grab a Faraday wallet or bag that would cover the phone.
Re: Options
That makes videoing or photographing what is happening with a phone a little difficult, and kinda defeats the purpose of being a reporter. As using an actual camera these days makes a person stand out, reporters may well prefer to use their phones instead of a camera.
Re: Options
A Faraday cage is useless.
Easy test: place your phone in a cage and dial its number.
A Faraday cage that should be perfect:
A microwave!
A microwave works at 2.4Ghz
it is build as being a faraday cage by design.
(make sure it is plugges in and earthed for having a nicely grounded Faraday cage)
Now the real surprice, the phone IN the Faraday cage will ring!. How can that be? It is within a grounded cage, far away from a cell tower. And still it rings! 😀
Have fun…
I could design one too.
All you need is a case, and LED, and a battery. As soon as the case is on the phone, turn on the LED. It would be right probably 99% of the time.
Re: Re:
So go ahead.
You can place it next to the not-actually-scarce T-shirts you boasted about making.
Marketing
If you want to stop the phone being used to track you, why buy an expensive phone cover, why not just pull out the battery and drop both phone and battery into a Faraday bag.
(some state actors have put extra surprises in phones. A certain middle-east state with a mediterranian coast).
I think the fob would be better, It would tell you if your travelling companions were comprimized.
Re: Marketing
Not to many phones today allow you to remove the battery anymore…what then..?
Trust
So I get some engineer in Shenzhen to install an anti-bugging device in my phone. That seems safe.
If it does come to market
I will buy one… and I dont even own an iPhone. 😉
Aluminum Foil Hat Conversation
I understand the concern with knowing if someone is tapping your wireless signals, but what about the possibility that they can simply track and listen to you through the cell towers themselves? This is a known issue, since they’re using legacy technology (common denominator) to process billing across networks. And it’s this method that they can listen to your conversation and locate your whereabouts (by cell tower triangulation). So unless EVERYTHING is off, you can still be found. And if someone was really nefarious, they could simply know what cell tower you’re at, and enable other non-protected phones in the same vicinity to listen to your conversations.
So you’d pretty much have to live in a cave (without cell reception or GPS) to avoid anyone from snooping.
Re: Aluminum Foil Hat Conversation
I understand…
Umm, no, I don’t think you do. The signals transmitted by you your phone are what enable them to “track and listen to you through the cell towers”. No signals, no tower tracking.
Re: Re: Aluminum Foil Hat Conversation
Here’s what I meant:
http://www.dailymail.co.uk/sciencetech/article-3546288/Your-phone-number-hackers-need-access-call-message-TV-demonstrates-easy-eavesdrop.html
Re: Re: Re: Aluminum Foil Hat Conversation
Wow, a Daily Mail article that isn’t actually that far off. I’m actually surprised.
But the article is talking about the SS7 hack, not cell phones. And the SS7 hack is only possible because of poor security on the part of the telecoms.
It does not have anything to do with being able to track the whereabouts of cell phones. The cold, technical fact is that if your cell phone can’t send a radio signal out, it cannot be tracked. There’s literally nothing to track in that situation.
Keyless Fob Fataday bag
For a little more than $17, you can buy a padded nylon “Fob Keeyper” which is a Faraday bag for your cars keyless entry key fob. https://www.amazon.com/gp/aw/d/B01FYVWVX8?pc_redir=T1
Interesting
That would be a great case.
Waiting in line...
I will certainly purchase one for myself, and those who I work with. I suspect that this type of abuse is more widespread than anyone could imagine.